News and Events in the Information Security world. Check in frequently for news, comments, opinions and guidance for InfoSec issues.
Created by Karn Griffen, Chief Technologist for Compushare, Inc. The nations leading Security, Risk, and Compliance consulting firm specializing in Financial Institutions.

Saturday, August 12, 2006

Our airline security is so worthless. I was coming back from a trip to Dallas this week and saw a little three year old girl exiting the extended security search area of the TSA. She could barely walk, but she was putting her shoes back on. This is just getting silly. Is she a terrorist?

Isn't it time to institute the national ID card? Isn't there any better way to control who is on the airplane? At least let us frequent business travelers have a easy-pass lane or something.

And let's think a little beyond airports . . . isn't any area where lot of people congregate a target? How are you going to control that? Any Football game, or better yet, Baseball, the American Tradition. You could sneak the bomb past security in an apple pie for insult.

With so much technology in the security arena available to us, can't we find a better way? C'mon President Bush! Israel has airplanes, they don't seem to have any airport trouble. But now I can't have toothpaste? Sweet, I can't wait until the next guy falls asleep on my shoulder who has been flying for 5 hours, and hasn't brushed his teeth in days.

Friday, August 11, 2006

Greetings! Over the next couple of days I will outline the basic steps for creating an Information Security Program that really works. Ther are seven major areas, listed below that I'll be covering over the coming days and week. Stay tuned . . . .

If you have any questions you would like answered, feel free to email me at securityguru@dot73.net, or just post a comment!

This fron CNET news yesterday. Why in the world is this type of data allowed on Laptops? And why are these laptops allowed outside a controlled environment. And why aren't these laptops full-disk encrypted, or using something like www.beachheadsolutions.com

Published: August 11, 2006, 12:46 PM PDTTalkBack E-mail Print del.icio.us Digg thisA U.S. Department of Transportation laptop with personal information on 133,000 Florida residents has been stolen, exposing the data to identity fraud.The computer was taken from a government-owned vehicle on July 27 in the Miami area, the agency said in a statement Wednesday. The password-protected laptop was assigned to a special agent in the Miami arm of the department's Office of Inspector General, it said.While the laptop did not contain financial or medical information, four databases with identifiable information were stored on it. The details included names, Social Security numbers, dates of birth and addresses in databases covering holders of Florida pilot's and driver's licenses, both commercial and personal.The databases were being used in an investigation into the use of fraudulent information to obtain commercial driver's or pilot's licenses, the Department of Transportation said.There is no indication that the thief or thieves took the computer because of its contents. Still, steps are being taken to protect and inform Florida residents and to recover the laptop, the agency said.The incident is the latest in a long string of data security breaches. The U.S. Department of Veterans Affairs is still recovering from the theft of a laptop and external hard disk drive that exposed the identities of 26.5 million veterans. Others that have lost"